Symantec Enterprise Security Manager - Symantec™ Enterprise Security Manager – Update for Application tab issue for ESM 9.0.1 agents
February 28, 2011
Symantec™ Enterprise Security Manager – Update for ESM 9.0.1 Agents, provides information about the fix for the following issue:
When you perform a Live Update on an ESM 9.0.1 Windows agent, the application tab of agent properties gets updated with information of the applications that are not installed on the agent.
Symantec has released the fix for the above issue, that consists of esmc and esmagent binaries, which can be deployed using the remote upgrade process. The esmc binary now has the functionality to remove entries of all application modules from the agent using the following command:
remove application “agent_name” –a
After policy run, the agent properties will show the actual application modules installed on the agent.
The ESM 9.0.1 Agent update contains the Mini RU (Remote Upgrade) package which consists of esmc and esmagent binaries for deploying the fix on ESM 9.0.1 agents. The update also consists of ESM manager binaries, which are applicable to ESM 9.0.1 and ESM 10.0 managers.
Note:You must replace the ESM manager binaries, before you apply the remote upgrade fix using the remote upgrade process.
This fix is applicable to the following platforms:
Windows 2000 Professional, Advanced, and Server (Intel)
Windows Server 2003 (EM64T/Opteron)
Windows Server 2003 (Intel)
Windows Server 2003 (Itanium)
Windows Server 2008 (EM64T/Opteron), Core and GUI
Windows 2008 (x86) GUI
Windows 2008 R2 (x64, IA64) Core and GUI
Windows 7 (x86, x64)
To apply the fix for agents with ESM agent 9.0.1 installed
Ensure that no policies are running on the ESM Manager.
Stop the Symantec Enterprise Security Manager Service from the services console.
Take a backup of the existing ESM Manager binary i.e. esmmangner.exe and version.dat, that is present at <Install_dir>\Symantec\ESM\bin\<platform_dir> Note: You do not have to replace version.dat on ESM 10.0 manager.
Navigate to the <Install_dir>.
By default the install_dir is located at: C:\Program Files\Symantec\Enterprise Security Manager\bin\<platform>.
Replace the esmmanager.exe and version.dat with the files extracted in step a. Note: You do not have to replace version.dat on ESM 10.0 manager.
Extract the following files to a suitable location on your local computer:
Note: You do not have to extract version.dat for ESM 10.0 manager.
Stop the ESM daemons by typing the following command:
Take a backup of the files mentioned in step a above from the following location:
Replace the existing files with the files extracted in step a.
Change the permission of the files you replaced in step e to be executable. Type the following command:
chmod +x esmcifd
chmod +x esmnetd
chmod +x version.dat Note: You do not have to change permission of version.dat for ESM 10.0 manager.
Start the ESM daemons by typing the following command: /esm/esmrc start